PT-2013-5026 · Canonical · Lightdm
Marc Deslauriers
+1
·
Publicado
2013-11-23
·
Atualizado
2013-11-25
·
CVE-2013-4459
CVSS v2.0
3.3
Baixa
| Vetor | AV:L/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
LightDM versions 1.7.5 through 1.8.3
LightDM versions 1.9.x before 1.9.2
Description
The issue allows local users to bypass intended restrictions by leveraging the Guest account, as the AppArmor profile is not applied to it.
Recommendations
For versions 1.7.5 through 1.8.3, update to a version that applies the AppArmor profile to the Guest account.
For versions 1.9.x before 1.9.2, update to version 1.9.2 or later to ensure the AppArmor profile is applied to the Guest account.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Lightdm